"We will impose costs on you until you get the point." (National Security Advisor John Bolton, Wall Street Journal conference, Tuesday June 11)
Since at least 2012, the United States has been injecting malware into the control systems of the Russian electricity grid, reports the New York Times.
While the campaign originally started as a reconnaissance mission, it became more aggressive under new authorities granted to United States Cyber Command.
As a result, under a "defend forward" policy,
American strategy has shifted more toward offense ... with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before.
The new authorities can be found in two documents, the National Security Presidential Memorandum 13 (classified) and the John S. McCain National Defense Authorization Act, in which
Congress affirms that the activities or operations referred to in subsection (a), when appropriately authorized, include the conduct of military activities or operations in cyberspace short of hostilities (as such term is used in the War Powers Resolution (Public Law 93-148; 50 U.S.C. 1541 et seq.)) or in areas in which hostilities are not occurring, including for the purpose of preparation of the environment, information operations, force protection, and deterrence of hostilities, or counterterrorism operations involving the Armed Forces of the United States.
These activities are now considered a routine matter, for which only Secretary of Defense approval is needed. With section (c) of SEC. 1632 of the Act specifying that the "clandestine military activity or operation in cyberspace shall be considered a traditional military activity", the Secretary is not even required to brief the President.
One can't help but think of a couple of other milestones targeting power networks: Stuxnet (2009), the Ukraine power grid attacks of 2015, 2016, 2017 and 2018 involving Industroyer (2016), and note that, ultimately, such attacks did not remain restricted to the original target area.
(Score: 5, Informative) by quietus on Monday June 17 2019, @06:13PM (4 children)
It might not be an Act of War according to US legalese, but it is an Act of Aggression according to the United Nations [un.org] (UN General Assembly Resolution 3314 (XXIX), 14 December 1974).
You might also recall that NATO's official policy adopted at the Wales summit in 2014 states that a cyber attack might trigger Article 5. That same statement, coincidentally, also talks a lot about national networks, so I guess NATO sees those networks as part of their territorial integrity.
(Score: 0, Flamebait) by khallow on Monday June 17 2019, @07:25PM
(Score: 1) by khallow on Tuesday June 18 2019, @12:21PM (2 children)
What makes this a "cyber attack"? I guess we have a target, but what harm has been done to the target? Once again, I return to my earlier observation. You need to have harm, not merely some uncomfortable feeling of insecurity come of this.
(Score: 2) by quietus on Tuesday June 18 2019, @09:40PM (1 child)
Excellent question. There does not seem to be a commonly accepted definition yet, either. Even the term cyber threat seems not clearly defined, though DDoS, malware and disinformation operations are mentioned.
NATO Review however, in a historical timeline of cyber attacks [nato.int], mentions that in 2007, the US Secretary of Defense’s unclassified email account was hacked by unknown foreign intruders as part of a larger series of attacks to access and exploit the Pentagon's networks. In that same year, spywares were found in the computers of classified departments within China Aerospace Science & Industry Corporation.
In Summer 2008, the databases of both Republican and Democratic presidential campaigns were hacked and downloaded by unknown foreign intruders. In August of that year, computer networks in Georgia were hacked by unknown foreign intruders around the time that the country was in conflict with Russia. Graffiti appeared on Georgian government websites. There was little or no disruption of services but the hacks did put political pressure on the Georgian government and appeared to be coordinated with Russian military actions.
All of the above should apparently be considered as 'cyber attacks', even if no direct, obvious, harm was done.
Interestingly, a 2016 NATO document [nato.int] defines a couple of types of cyber attack as follows:
It might be moot, though, what we, or NATO, think about this: what is important is what the purported target thinks about breaking, entering and installing malware on their power networks.
This is what apparently Russian military doctrine [eng.mil.ru]'s definition is of information war:
I put that last part in bold, as you will agree that having the power to send back a nation to the 1800s at the flick of a switch, from thousands of miles away ... is unacceptable to any other nation.
(Score: 1) by khallow on Wednesday June 19 2019, @12:36PM
So what? How should one respond to that? Let the nukes fly? Or respond in kind?